IN THE CLAIMS I 



Please amend claims 1, 2, 3, 4, 6, 7, 13, 14. 
Keep claims 5 and 11, as-is. 
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!• (Currently Amended) A system for enabling asynchronous 
authentication of a non-preauthenticated client-User means in a 
Kerberos domain servicing multiple requesting non-preauthenticated 
clients while eliminating any delays due to multiple concurrent 
authentication requests, said system comprising: 

(a) client -User means (10) for requesting 
authentication from a specialized client-server means 
(13); 

(b) said specialized client-server means (13) for 
communicating with a Kerberos server means (20) for 
developing a specific set of credentials for each 
client requesting authentication [[;] ] said specialized 
client server means utilizing a Unisys ClearPath 
server; 

(c) said Kerberos server means (20) for developing an 
asynchronous authentication response and a Ticket 
Granting Service to said client-server means (13). 
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2. (Currently Amended) The system of Claim 1 wherein said client- 
User means (10) includes: 

(al) multiple client-Users who may concurrently 
seek authorization to utilize said specialized 
client-server [ [•] ] means. 
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3. (Currently Amended) The system of claim 1 wherein said Kerberos 
server means (20) includes: 

(cl) means to return an authentication response to 
said specialized client -server means; 

(c2) means to return a Ticket Granting Service 
signal to said specialized client -server means. 
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4. (Currently AmendeGl) The system of claim 1 wherein said 
specialized client -server means includes: 

(bl) communication means (IIARC40, C(BflS42) for 
exchanging information between a requesting 
principal or client -User, a Master Control 
Progreun, a General Security Service Library 
(6SS38), and a Kerberos Support Library (KSL34); 

(b2} said Master Control Program (60) for 
controlling said communication means, said General 
Security Service Library and said Kerberos Support 
Library (34); 

(b3) said General Security Service Library (GSS38) 
providing multiple threads for handling multiple 
concurrent requests for authentication; 

(b4) said Kerberos Support Library (34) for 
developing and storing specific authentication 
credentials for each validated client-User 
authentication request* 
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5. (Original) The system of claim 4 wherein said Rerberos Support 
Library (34) includes: 

(b4a) means for accessing said Kerberos 
Server means (20) to acquire an 
authentication response and a Ticket Greuiting 
Service • 
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6* (Currently Amended) A secure message transmission system in a 
Kerberos environment which permits a client-user to operate in a 
network for authentication request transmittal and message 
response without suspending client service when a Kerberos Server 
(20) has not yet responded to an earlier request for an 
authentication message code signal, said system cons)rising: 

(a) client-terminal means (10) to indicate an original 
request for validation of an authentication message 
signal from a Kerberos Server (20); 

(b) specialized Unisys ClearPath server means having 
progreun meems (MARC 40 and COMS 42), under control of a 
Master Control Program (MCP60), for transmitting 
requests for service to a Kerberos Support Library 
(34), a General Security Service Library (38) and to 
said Kerberos Server (20) for the return of an 
authentication response message to said client terminal 
means (10) from credential information placed in said 
General Security Service Library[[;]] of said 
specialized server means; 

(c) means for enabling said Kerberos Support Library 
(34) to elicit authentication information emd Ticket 
Granting Service from said Kerberos Server (20) for 
deposit as validating credential data in said General 
Security Service Library (38). 
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7. (Currently Amended) A method for asynchronous authentication of 
a non-preauthenticated originating terminal in a Kerberos domain, 
said authentication occurring without delay due to other 
concurrent requests for authentication l^y other terminals such as 
client -Users and principals, said method comprising the steps of: 

(a) originating a request, to a specialized Unisys 
ClearPath client-server, for authentication by a non- 
preauthenticated terminal and including the step of: 

(al) originating concurrent xmxltiple requests for 
authentication from multiple client-Users and 
principals; 

(b) processing said originating request and other 
originating requests conctirrently and including the 
st^s of: 

(bl) developing a set of identifying credentials 
for said originating terminal and including the 
steps of: 

(bla) requesting, via a communication means 
(MARC 40, CQM942), under control of a Master 
Control Program (MCP60), a Kerberos Support 
Library (34), and a Kerberos Server (20)^ for 
credentials and a session key; 

(bib) creating a credential structure by 
said Kerberos Support Library (34) to 
identify said originating terminal and 
provide a Ticket Granting Service; 
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(blc) generating, by a General Security 
Service Library (GSS 38), [[OF]] of A Name- 
Handle and GSS Credential Tag that identifies 
the originating terminal to said GSS (38) and 
to said Kerberos Support Library (34) ; 

(bid) generating a message, by said Kerberos 
Support Library (34), to inform said 
communication means (MARC 40, C0MS42) tliat 
the Kerberos authentication circle has been 
successfully completed; 

(b2) asynchronously validating said originating 
terminal for use of a Kerlseros domain; 

(c) responding l^ack asynchronously by said specialized 
ClearPath client -server to authenticate the validity of 
said original requesting terminal without any delays 
due to other concurrent requests for authentication 
which includes the step of: 

(cl) utilizing said communication means (MARC 40, 
caMS42) to transmit an authentication signal from 
a Kerberos Support Library (34) to said 
originating terminal. 
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9. (Cancelled). 

10. (Cancelled). 
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11 • (Previously Amended) The method of claim 7 wherein step (bl) 
includes the steps of: 

( llbla ) processing concurrent 

authentication requests via multi- 
threaded processing means to develop a 
specific credential for each originating 
terminal ; 

(llblb) conveying a completed 
authentication request to said Kerberos 
Support Library (34) and said 
communication means (MARC 40, caMS42). 
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12 • (Cancelled) 
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13. (Currently Amended) In a network wherein multiple client- 
terminals communicate with a specialized Unisys ClearPath client- 
server means (13), having a Kerberos Support Library (34), and 
[ [communicate] ] communicating with a communications means (MARC 
40, COMS 42), a General Security Service Library (38) and said 
specialized client-server means for accessing response 
information from a Kerberos server (20), a method for enabling a 
requesting client-terminal to receive an authentication response 
message assrnchronously from said Kerberos Server (20) comprising 
the steps of: 

(a) initiating an authentication command request by a 
requesting client -terminal; 

(b) utilizing said specialized client-server mieans as a 
communication management system, under control [ [at] ] 
of a Sflaster Control Program (IfCP60), using a 
communication means having a communication management 
program (CQMS 42) and menu assisted resource control 
program (MARC 40) to communicate said authentication 
command request to said Kerberos Server (20) via said 
Kerberos Support Library (34) and to receive a Kerberos 
response message for credential processing by said 
General Security Services Library (38) which is then 
conveyed by said communication means (40, 42) to said 
requesting client-terminal. 
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14. (Currently Amended) The method of claim 13 which includes the 
step of: 

(c) Terminating the session between said client- 
terminal (10) and said Kerberos Support Library (34) 
once the authentication request response has been 
transmitted from said General Security Library (38), 
thus allowing said specialized client-server means 
(13) to process other authentication requests. 
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15. (Currently Amended) The method of claim 13 wherein step (b) 
includes the step of: 

(bl) initiating an error message by said Kerberos 
Support Library (34) when a failure in 
authentication has been recognized; 

(b2) requesting, via said error message, that said 
requesting client-terminal [ [ (b) ] ] should initiate 
a log-on. 
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